d09fd8e9c481ae40ef5da3cb8db26dce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d09fd8e9c481ae40ef5da3cb8db26dce_JaffaCakes118
Size

140KB
MD5

d09fd8e9c481ae40ef5da3cb8db26dce
SHA1

124b5b5066a22f572cc2af45604f00ff86ce49e7
SHA256

7d84372e48e9b41b5cbefe7194c1b9e95dec4dad28b06b311673f24a8fbe9d5c
SHA512

9f0507164ee68f93baa9374f993459cdc5d1e377f4416627fb24130960f4e2913fea31136740a30f1782354c8f9c1aad5385894290a68cf40bb3fbb1c3e37833
SSDEEP

1536:+VH0drhQ0iK7mBuOI3HmL0abfaS/7DEGL1/FdID0ha/Obu:0mrm05iBuO+HmjaSEGp/FdIgha2C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d09fd8e9c481ae40ef5da3cb8db26dce_JaffaCakes118

Files

d09fd8e9c481ae40ef5da3cb8db26dce_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

cm5c
Size: 1024B - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vq4
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gu
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gu
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE